The Senior Security Engineer will protect data and infrastructure from security threats, manage vulnerability assessments, ensure compliance, and support incident response.
Bounteous is a premier end-to-end digital transformation consultancy dedicated to partnering with ambitious brands to create digital solutions for today’s complex challenges and tomorrow’s opportunities. With uncompromising standards for technical and domain expertise, we deliver innovative and strategic solutions in Strategy, Analytics, Digital Engineering, Cloud, Data & AI, Experience Design, and Marketing.
Our Co-Innovation methodology is a unique engagement model designed to align interests and accelerate value creation. Our clients worldwide benefit from the skills and expertise of over 4,000+ expert team members across the Americas, APAC, and EMEA. By partnering with leading technology providers, we craft transformative digital experiences that enhance customer engagement and drive business success.
We are looking to hire a new MS Senior Security Engineer who will report directly to the Managed Services Security Operations Manager. In their role they will work closely with our Bounteous team members, lines of business and clients to help protect the data, products and infrastructure against security threats in support of the Managed Services practice.
The role will be working with each of the Business Units, as well as Project, Engineering and client teams to meet security and compliance services as described in the client’s SOW, including but not limited to: vulnerability management, security updates and upgrades, responding to intrusions, reviewing devices for strong security postures, and staying current with the latest Information Security trends and news.
Information Security Responsibilities
- Promote and enforce awareness of key information security practices, including acceptable use of information assets, malware protection, and password security protocols
- Identify, assess, and report security risks, focusing on how these risks impact the confidentiality, integrity, and availability of information assets
- Understand and evaluate how data is stored, processed, or transmitted, ensuring compliance with data privacy and protection standards (GDPR, CCPA, etc.)
- Ensure data protection measures are integrated throughout the information lifecycle to safeguard sensitive information
Role and Responsibilities
- Support the implementation of a strategy and roadmap for Bounteous Managed Security service offerings and contribute to driving the roadmap to completion.
- Participate in BU security architecture and review offering input pertaining to how proposed changes will have positive or negative downstream impact to Managed Services' ability to effectively provide services.
- Participate in Security on call and escalation rotation.
- Ensure that standard processes and operating procedures are regularly updated, stored in a knowledge repository, and strictly followed.
- Follow access standards for Cloudflare as implemented by the Dining BU to support statements of work for Security services.
- Responsible for working with Managed Services clients and teams to help them address client queries regarding Bounteous' information security posture, future strategy and current controls.
- Prioritize and address complex technical incidents and requests received through the ITSM ticketing system related to applications and production environments.
- Contribute to the design and implement multilevel security strategies to protect Managed Services networks and data resources.
- Coordinate requests by Managed Services accounts for security upgrades and test software to the upgrade as documented in the Service Request. Assess when Service Request scope is better suited as a Project and should be billed to the client as such.
- Respond to intrusions using expertise in computer forensics.
- Anticipate future problem areas by monitoring workflows and network traffic patterns. Share recommended remediation steps with appropriate Managed Services and account leadership as needed.
- Serve as an escalation point within the team by working with Managed Services teams, lower-level Security Analysts, clients, or project teams.
- Work with business units and Managed Services teams to understand the changes recommended to deploy/manage/maintain firewall rules and encryption programs to protect data resources.
- Provide after-hours deployment support to application development teams as needed.
- Architect solutions for specific Security service proposals, identifying cost buildup that includes work effort, tools, etc.
- Provide support in the development and delivery of presentations to clients and prospective clients about security services.
- Assist in the completion of documented client security questionnaires, manage Service Requests, Change Requests, and assignment trackers.
- Supporting the Lines of Business and clients in facilitating such reports including auditing certification requests (e.g., SOC, ISO, etc.) to a successful outcome.
- Working with internal corporate teams, upon request, to address questions in the area of IT, Infrastructure, Supplier Risk Management, Cyber Defense, and application teams to facilitate responses related to application functionality and security.
- Perform Vulnerability Management and reporting that feeds into the Managed Service’s workflow for resolution.
Preferred Qualifications
- BA/BS in Computer Science and or equivalent experience
- 6+ years of industry experience/background in IT services specifically senior security operations roles, experience as a business information security officer is a plus
- 2+ years of Cloudflare administration and configuration for enterprise clients
- Information Security specific qualification is desirable (such as CISM, CISA, CISSP)
- Experience in handling attack mitigation and thorough knowledge of various attacks
- Ability to assess security and business risks, analyzing and presenting critical risks and potential remediation activities to all levels of management within the business
- Experience in coaching on and analyzing of traffic for attack anomaly detection and creation of mitigation rules
- Security skills and certifications preferred: CISSP, GCIA GCIH, GCFA, GCFE, Cloudflare, etc.
- Proficient in the use of tools such as Cloudflare, Burp Suite, Kali Linux, VMware Fusion, AWS, Sumologic, Data Dog, CrowdStrike, ServiceNow, MS Office product suite (365)
- Fluent in Terraform
- Ability to work flexibly to meet demanding deadlines
- Excellent communication skills, both verbal and written
- Strong time management and organizational skills with the ability to manage multiple tasks and changing priorities
- Ability to work collaboratively in a team
- Experience in implementing security-related policies and procedures to support organizational scaling and growth projections
- Experience with 7 x 24 on call role and ability to participate in on call rotation, willing to work after hours and/or over-time to support service coverage requirements
We invite you to stay connected with us by subscribing to our monthly job openings alert here.
Bounteous is proud to be an equal opportunity employer. Bounteous does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, physical or mental disability, national origin, veteran status, or any other status protected under federal, state, or local law. Bounteous is willing to sponsor eligible candidates for employment visas.
#BI-Remote
#LI-Remote
Top Skills
AWS
Burp Suite
Cloudflare
Crowdstrike
Data Dog
Kali Linux
Ms Office 365
Servicenow
Sumologic
Terraform
Vmware Fusion
Similar Jobs at Bounteous
Agency • Digital Media • eCommerce • Professional Services • Software • Analytics • Consulting
The AEM Architect will lead engineering solutions, mentor a team, convert business needs to technical specifications, and ensure high availability in systems.
Top Skills:
AemApache Web ServerCommerceJavaJcrMulesoftOsgiSalesforceSling
Agency • Digital Media • eCommerce • Professional Services • Software • Analytics • Consulting
The AJO Platform Developer will build and optimize journeys in Adobe Journey Optimizer, collaborating with stakeholders for data-driven marketing automation and ensuring compliance with security protocols.
Top Skills:
Adobe Experience CloudAdobe Journey OptimizerAPIsHTMLJSON
Agency • Digital Media • eCommerce • Professional Services • Software • Analytics • Consulting
The Lead CDP Consultant manages Customer Data Platform activities, ensuring data governance, guiding CDP maturity, and collaborating with cross-functional teams to enhance client strategies and solutions.
Top Skills:
Adobe Real-Time CdpAdobe TagsAep Journey OrchestrationAjoCrm Platforms (Salesforce)Ga4Marketing Automation Tools (MarketoPardot)Power BITableauWebsdk
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
